
Is AI safe for business? It can be, but only when you can see where your data goes and control which tools your staff use. Left unmanaged, everyday AI use moves confidential information outside your control without anyone deciding it should. With AI governance in place (clear policy, technical controls and a sanctioned toolset), you keep the productivity and lose the exposure. This piece explains the risk in plain terms, what good AI governance looks like, and the practical steps to put it in place, including the ones that have nothing to do with buying anything from us.
Over the past year, the question from clients across the UK has changed. People aren’t asking whether AI is useful. They’re asking whether it’s safe.
The concerns tend to fall into the same themes:
- • Are we losing control of our data to AI?
- • What are our users sending to third‑party AI tools?
- • How do we block unsanctioned AI tools without killing productivity?
- • How do we stay compliant with GDPR, DORA and our own internal governance policies?
These aren’t hypothetical. They’re operational risks unfolding inside businesses every day, usually unnoticed until something surfaces. AI adoption has moved faster than most governance frameworks, so the controls simply aren’t there yet.
The uncomfortable truth about “free” AI tools
Consumer-grade AI platforms are built to feel effortless: fast, clever and free. As Martin Lake, our Security Operations Centre Manager, puts it to clients:
“Did you know generative AI platforms will use your data to train their models? Sometimes when things are free, it’s actually you, and your data, that are the real product.”
So, do free AI tools use your data to train models? Many do, and they say so in terms most people never read. When someone pastes a client report, a financial projection or a confidential document into a public AI tool, they usually can’t answer three basic questions: where is that data stored, how long is it kept, and who can see it. They also can’t say whether it left the UK or EU, or whether it fed a model that will surface fragments of it to someone else later.
The honest framing matters here. This is rarely malice. It’s convenience. A busy person under deadline pressure reaches for the quickest tool, and a single upload can breach a confidentiality clause or fall foul of GDPR. Convenience, not conspiracy, is the real risk.
One thing most “shadow AI” advice gets wrong
Most articles on shadow AI end with the same instruction: block the tools. In our experience running discovery on new client environments, blanket blocking usually makes shadow AI worse, not better. When people can’t use a tool that genuinely helps them, they don’t stop. They move to personal devices, personal accounts and phone browsers, where you have no visibility at all. You haven’t removed the risk. You’ve hidden it.
The pattern we see repeatedly on first engagement: the heaviest AI users are often your best, most productive people, and the data most commonly exposed is not source code or passwords but ordinary business documents – proposals, meeting notes, spreadsheets, pasted in to be “tidied up.”. More than 55% of new clients were found with unsanctioned AI use whereby the most common data being used in these tools falls between Personal Identifiable Information (PII) and Financial data.
That changes the fix. The goal isn’t to stamp AI out. It’s to give people a sanctioned tool that’s at least as good as the one they’d reach for, then block the rest. Control follows convenience, not the other way round.
The governance gap
Most organisations have solid policies for email, data storage, device management and cloud usage. AI arrived faster than any of them, so a gap opened between what leaders think is happening and what’s actually happening on the ground.
If GDPR, DORA, ISO 27001 or your own internal frameworks matter, unmanaged AI use is already a compliance issue, not a future one. The core problem is visibility. Many businesses can’t say which AI tools their staff use, what data goes into them, or where it ends up. That unmonitored use of consumer platforms is what people mean by shadow AI, and it’s become one of the biggest blind spots in modern IT.
A common scenario: someone under pressure to produce a client proposal pastes the draft into a free AI tool to sharpen it. The likely consequences:
- • The platform stores the content
The platform keeps the content. Anything pasted into a public AI tool may be retained, cached or copied elsewhere. - • It may train the model
Many free AI platforms state that user content can be used to improve their systems. - • It may leave the UK
Data can be processed or stored outside your regulatory boundaries, often with no transparency. - • A breach may already have happened.
A single upload can violate GDPR, DORA or internal policy, usually before anyone notices.
Because the output looks polished and professional, the risk remains invisible. AI is being used everywhere, but it’s not being controlled anywhere – and the longer this gap remains open, the more data quietly slips through it.
What good AI governance actually involves
AI governance is the mix of policy, technical control and monitoring that lets people use AI safely. Most of it is vendor-neutral, and worth doing whichever tools you land on:
- Find out what’s already in use. Web filtering, conditional access and DLP logs will surface AI-related traffic and data movement. You can’t govern what you can’t see.
- Set a plain-English policy. State which tools are approved, what data must never be pasted into any external AI, and who to ask when in doubt. Short enough that people actually read it.
- Put data loss prevention (DLP) around AI. DLP rules can detect and stop sensitive patterns — personal data, financial data, credentials — from leaving via AI tools, with human review on the edge cases.
- Give people a sanctioned alternative. This is the step most plans skip, and the one that makes the rest hold. A governed AI tool that keeps prompts and data inside your own tenant removes the reason to reach for a public one.
- Block the unsanctioned tools last. Once a sanctioned option exists, blocking the rest is enforcement rather than obstruction — and far more likely to stick.
- Educate, then re-check. Tell people why, not just what, and re-run discovery periodically to catch drift.
On point 4, several enterprise tools can keep AI use inside your regulatory boundary. Microsoft Copilot is the route we most often deploy because it runs inside a client’s existing Microsoft 365 tenant, so Copilot data security inherits the sensitivity labels, conditional access and DLP you already run. Data stays in-region and isn’t used to train external models. Approved third-party LLMs can be governed the same way. The principle matters more than the brand: keep AI use somewhere you can audit it.
As Martin puts it:
“If things like GDPR or DORA are important to your business, you need to take control of your data. We can help you keep your AI LLM use region-locked and advise on the data security controls that keep you in control.”
This is what secure AI adoption in the UK looks like in practice: not shutting AI down, but enabling it in a place you can see.
How ERGOS manages AI governance internally
We apply the same discipline inside our own business that we ask of clients. Our internal data governance framework is built so every workflow, system and AI-assisted process runs within defined boundaries.
Microsoft 365 sensitivity labels control how information moves, granting access based on user identity, device posture and location. Data Loss Prevention policies watch internal and external movement for patterns such as personal information, financial data or credentials. Any DLP event goes through a moderation step, giving us human oversight before anything inappropriate leaves.
That operational layer sits on deeper telemetry. Our SIEM platform monitors continuously for signs of data exfiltration, privilege misuse or anomalous behaviour, providing independent evidence that the controls are doing their job and alerting the security team when something deviates from policy.
All data in ERGOS systems is protected by enforced encryption at rest and in transit. Where certain information is permitted to leave the business, for example when working with approved partners, further encryption is applied automatically on receipt. The standard travels with the data.
In short, we govern our own AI-assisted workflows the way we govern our clients’: labelled data, controlled access, monitored movement, independent detection and encryption where it counts.
ISO/IEC 42001: The emerging standard for responsible AI
As AI becomes part of everyday operations, organisations want a recognised framework that defines what responsible AI use means. ISO/IEC 42001 is the first global standard built specifically for AI management systems, giving businesses a structured way to show their AI use is safe, governed and aligned with regulatory expectations. It’s fast becoming the reference point for a responsible AI standard.
ISO 42001 sets out requirements for managing AI risk, documenting AI-related decisions, controlling data inputs, monitoring outputs and keeping AI use transparent. It treats AI as a lifecycle that needs oversight, accountability and continuous improvement.
ERGOS is aligning its internal governance with ISO 42001 principles. Our data labelling, conditional access, DLP moderation, SIEM-based detection and encryption map naturally onto the standard’s expectations, and we’ll keep evolving the controls as the framework matures.
Why businesses trust ERGOS on this
Businesses trust Ergos with AI governance because it’s built on the same disciplined, security‑first foundations that underpin every part of our service. Our ISO 27001 certification demonstrates that our information security management is independently audited, continuously improved, and aligned to global best practice. Cyber Essentials Plus adds an additional layer of assurance, proving that our controls aren’t just documented, they’re technically tested and verified by external assessors. Combined with secure‑by‑design processes, rigorous data‑handling standards, and a culture of accountability, these frameworks give organisations confidence that AI is deployed safely, ethically, and in full alignment with UK regulatory expectations, which our clients in the financial services and legal sectors rely on. It’s not just about enabling AI, it’s about governing it with the same seriousness as any other critical business system.
Talk to ERGOS: start with a shadow AI discovery
The first move costs you nothing but a conversation. We run a shadow AI discovery that shows exactly which AI tools your staff already use and what data is moving to them, then map that against GDPR, DORA and your internal policies. From there you get a prioritised plan to block risky tools, prevent data leakage, and roll out a sanctioned, governed option.
Book a shadow AI discovery with ERGOS here. AI isn’t going away. With the right controls, the right governance and the right partner, the risk can.
Frequently asked questions
How do I know if my staff are already using unsanctioned AI tools?
Most organisations have some shadow AI use happening quietly. Informal signs include unusually polished documents, sudden shifts in writing style, or staff openly experimenting with public AI tools. The only reliable way to confirm it is through technical controls – web filtering, conditional access and DLP monitoring – which surface AI-related traffic and data movement.
Do free AI tools use your data to train models?
Many do, and they say so in their terms. Free AI platforms often store, process or reuse what you submit, and a good number state that user content may be used to improve their models. That creates risk around confidentiality, GDPR compliance, data residency and long-term control. A single upload of client information, financial data or internal documentation can constitute a breach.
How do I block unsanctioned AI tools without hurting productivity?
Block them last, not first. Give people a sanctioned, governed AI tool that does the job at least as well, then use web filtering and conditional access to close off the rest. Blocking everything before offering an alternative usually pushes usage onto personal devices where you have no visibility.
How does Miicrosoft CoPilot help keep my data safe?
Copilot runs inside your Microsoft 365 tenant, so your prompts, documents and interactions stay protected by the encryption, compliance and access controls you already use, including sensitivity labels, conditional access and DLP. Data stays in-region and isn’t used to train external models. Other enterprise LLMs can be governed on the same principle.
What does “AI Governance” actually involve?
It’s the combination of policy, technical control and monitoring that keeps AI use safe: discovering what’s in use, setting clear data-handling rules, applying DLP, offering a sanctioned tool, blocking the rest, and educating staff. It’s about enabling AI safely, not restricting innovation.
What is ISO/IEC 42001 and why does it matter?
ISO/IEC 42001 is the first global standard for AI management systems. It gives organisations a structured way to show responsible, transparent and well-controlled AI use. For businesses handling sensitive data or working in regulated sectors, aligning with it helps prove AI risk is managed with real accountability and oversight.

